reagent
by fsmiamoto
Overview
Provides a lightweight Model Context Protocol (MCP) server for browser-based, GitHub-style code reviews to facilitate human-in-the-loop feedback for AI coding agents.
Installation
npx -y @fsmiamoto/reagent@latest mcp
Security Notes
The server executes Git commands using `child_process.execSync` where user-provided input (such as `commitHash`, `base`, and `head` for `git diff` or `git show`) is directly concatenated into the shell command string without apparent sanitization. This creates a critical command injection vulnerability. An attacker or an AI agent (accidentally or maliciously) providing crafted input like `abc123; rm -rf /` to parameters like `commitHash` could execute arbitrary shell commands on the host machine. The `express.json({ limit: '50mb' })` setting also presents a potential, albeit lower, risk for denial-of-service via large request bodies.
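The following sketch is an added example, not code from reagent: it shows one way to close the injection path described above by validating revisions against an allowlist and passing them to Git as an argument array instead of a shell string. The function names (`isSafeRev`, `gitShowArgs`, `gitDiffArgs`, `runGit`) and the allowlist patterns are assumptions made for illustration.

```javascript
// Added example, not reagent's own code. All function names are hypothetical.
const { execFileSync } = require('node:child_process');

// Pattern described in the note above, shown for contrast only (never executed here):
//   execSync(`git show ${commitHash}`)
// The whole string is parsed by a shell, so `;` in commitHash starts a second command.

// Conservative allowlist (an assumption of this example): hex object ids,
// or ref-like names that start with an alphanumeric character.
// Expressions such as HEAD~1 are deliberately rejected.
const HEX_OID = /^[0-9a-f]{4,64}$/i;
const REF_NAME = /^[A-Za-z0-9][A-Za-z0-9._\/-]{0,199}$/;

function isSafeRev(rev) {
  if (typeof rev !== 'string') return false;
  if (HEX_OID.test(rev)) return true;
  // No leading '-' (option injection), no '..' (range syntax), no shell metacharacters.
  return REF_NAME.test(rev) && !rev.includes('..') && !rev.endsWith('.lock');
}

function gitShowArgs(commitHash) {
  if (!isSafeRev(commitHash)) throw new Error('invalid revision');
  // --end-of-options (Git 2.24+) stops option parsing; the trailing '--'
  // keeps the revision from being read as a path.
  return ['show', '--no-color', '--end-of-options', commitHash, '--'];
}

function gitDiffArgs(base, head) {
  if (!isSafeRev(base) || !isSafeRev(head)) throw new Error('invalid revision');
  return ['diff', '--no-color', '--end-of-options', base, head, '--'];
}

function runGit(repoDir, args) {
  // execFileSync hands args to git as argv entries; no shell ever parses them.
  return execFileSync('git', args, {
    cwd: repoDir,
    encoding: 'utf8',
    timeout: 15000,
    maxBuffer: 64 * 1024 * 1024,
  });
}
```

A caller would use `runGit(repoDir, gitShowArgs(commitHash))`, so a rejected value throws before any process is spawned.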
Similar Servers
github-mcp-server
The GitHub MCP Server enables AI agents, assistants, and chatbots to interact with GitHub's platform for repository management, issue/PR automation, CI/CD intelligence, code analysis, and team collaboration through natural language.
inspector
A web-based client and proxy server for inspecting and interacting with Model Context Protocol (MCP) servers, allowing users to browse resources, prompts, and tools, perform requests, and debug OAuth authentication flows.
Lynkr
Lynkr is an AI orchestration layer that acts as an LLM gateway, routing language model requests to various providers (Ollama, Databricks, OpenAI, etc.). It provides an OpenAI-compatible API and enables AI-driven coding tasks via a rich set of tools and a multi-agent framework, with a strong focus on security, performance, and token efficiency. It allows AI agents to interact with a defined workspace (reading/writing files, executing shell commands, performing Git operations) and leverages long-term memory and agent learning to enhance task execution.
rocketship
This MCP server assists AI coding agents by providing Rocketship testing examples, optimal test structure, schema information, CLI guidance, and codebase analysis to help agents write better Rocketship tests.